Ubuntu VPN Server (PPTPD) Configuration – Pass Traffic to Internet

pptpdUbuntuvpn

I am trying to configure PPTPD on my Ubuntu box to pass all VPN traffic through to it's internet connection, so I essentially want it to work like a Proxy.

I think the problem is that no default gateway is being assigned to my PPTP client (Windows 7). I can connect to the VPN fine, I get an IP address and DNS servers but no default gateway.

Do I need to configure a specific option to tell the VPN server to forward all traffic it receives down it's eth0 port and out to the internet.

Thanks!

Best Answer

Have you done setup of nat on your ubuntu box?

Here is example how to do it using iptables hope it will help you

#!/bin/sh

# iptables executable lives here
IPTABLES='/usr/sbin/iptables'
# renaming of our interfaces for better usability
# externail interface 
EXTIF='eth0'
# internal interface
INTIF='ppp0'
# flushing all of our rules
$IPTABLES -F
$IPTABLES -X
# switching on NAT 
# 192.168.1.0/24 - is an internal network behind our linux box
$IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -o $EXTIF -j MASQUERADE
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -m state --state NEW,ESTABLISHED -j ACCEPT

# optional tuning
# allow ssh connections to linux box
$IPTABLES -A INPUT --protocol tcp --dport 22 -j ACCEPT
# allow connections to http server on linux box
$IPTABLES -A INPUT --protocol tcp --dport 80 -j ACCEPT
# deny all other connections
$IPTABLES -A INPUT -i $EXTIF -m state --state NEW,INVALID -j DROP
$IPTABLES -A FORWARD -i $EXTIF -m state --state NEW,INVALID -j DROP

# port forwarding
# vnc
iptables -A PREROUTING -t nat -i $EXTIF -p tcp --dport 5900 -j DNAT --to 192.168.1.116:5900
iptables -A INPUT -p tcp -m state --state NEW --dport 5900 -i $EXTIF -j ACCEPT
# samba
iptables -A PREROUTING -t nat -i $EXTIF -p tcp --dport 139 -j DNAT --to 192.168.1.116:139
iptables -A INPUT -p tcp -m state --state NEW --dport 139 -i $EXTIF -j ACCEPT
iptables -A PREROUTING -t nat -i $EXTIF -p tcp --dport 445 -j DNAT --to 192.168.1.116:445
iptables -A INPUT -p tcp -m state --state NEW --dport 445 -i $EXTIF -j ACCEPT

Related Solutions

Iptables – Masquerade traffic from certain source IP to VPN connection

Assuming that the internal interface on Ubuntu gateway is eth0.

Add more 2 below rules:

iptables -A FORWARD -i eth0 -o ppp0 -s 10.0.0.51 -j ACCEPT
iptables -A FORWARD -i ppp0 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

and make sure that you removed the old gateway on the client:

route del default gw 10.0.0.1 dev <ethx>

Linux – PPTPD nic configuration and default gateway

Instead of

# PPTP IP forwarding
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Use:

# PPTP IP forwarding
iptables -t nat -A POSTROUTING -o eth0 -d xxx.xxx.xxx.xxx -j MASQUERADE

(where xxx.xxx.xxx.xxx is the UK IP assigned to eth0:0)

Best Answer

Related Solutions

Iptables – Masquerade traffic from certain source IP to VPN connection

Linux – PPTPD nic configuration and default gateway

Related Topic